Fixed RPC parameters permission calculation according to requirements

There was a problem when application has several consented functional
groups with the same RPC included. In case when some of functional
groups have RPC with all parameters disallowed option, SDL ignores all
allowed parameters for this RPC in other functional groups.

According to AppLink Policies Manager specification SDL should perform
a logical OR amongst all of the possible allowed permissions scenarios
for the RPC defined by each of the functional groups.

Current logic was updated to fit this requirement.

1 files changed, 45 insertions, 21 deletions

diff --git a/src/components/policy/policy_external/src/policy_helper.cc b/src/components/policy/policy_external/src/policy_helper.cc
index ed12cdde3a..e1a72c3f6a 100644
--- a/src/components/policy/policy_external/src/policy_helper.cc
+++ b/src/components/policy/policy_external/src/policy_helper.cc
@@ -620,26 +620,36 @@ void FillNotificationData::UpdateParameters(
   ParametersConstItr it_parameters = in_parameters.begin();
   ParametersConstItr it_parameters_end = in_parameters.end();
 
-  // Due to APPLINK-24201 SDL must consider cases when 'parameters' section is
-  // not present for RPC or present, but is empty.
-
-  // If 'parameters' section is like: 'parameters' : []
-  if (in_parameters.is_initialized() && in_parameters.empty()) {
-    if (!does_require_user_consent_) {
-      out_parameter.any_parameter_disallowed_by_policy = true;
-    }
-    if (does_require_user_consent_ && kAllowedKey == current_key_) {
-      out_parameter.any_parameter_disallowed_by_user = true;
+  // From AppLink Policies Manager specification:
+  // To determine consent for a particular RPC in a particular HMI level with
+  // particular parameters (if applicable), the system shall find all of the
+  // functional groups the RPC is included in. If user consent is needed as
+  // listed within the functional group in the policy table, the system shall
+  // use a logical AND: backend permissions AND User permissions. If the RPC is
+  // listed under more than one group, the system shall perform a logical OR
+  // amongst all of the possible allowed permissions scenarios for the RPC (and
+  // parameter/or HMI level) defined by each of the functional groups.
+
+  if (!IsSomeParametersAllowed(out_parameter)) {
+    // Due to APPLINK-24201 SDL must consider cases when 'parameters' section is
+    // not present for RPC or present, but is empty.
+
+    // If 'parameters' section is like: 'parameters' : []
+    if (in_parameters.is_initialized() && in_parameters.empty()) {
+      if (!does_require_user_consent_) {
+        out_parameter.any_parameter_disallowed_by_policy = true;
+      }
+      if (does_require_user_consent_ && kAllowedKey == current_key_) {
+        out_parameter.any_parameter_disallowed_by_user = true;
+      }
     }
-  }
 
-  // If 'parameters' section is omitted
-  if (!in_parameters.is_initialized()) {
-    if (!does_require_user_consent_) {
-      out_parameter.any_parameter_allowed = true;
-    }
-    if (does_require_user_consent_ && kAllowedKey == current_key_) {
-      out_parameter.any_parameter_allowed = true;
+    // If 'parameters' section is omitted
+    if (!in_parameters.is_initialized()) {
+      if (!does_require_user_consent_ ||
+          (does_require_user_consent_ && kAllowedKey == current_key_)) {
+        out_parameter.any_parameter_allowed = true;
+      }
     }
   }
 
@@ -647,6 +657,13 @@ void FillNotificationData::UpdateParameters(
     out_parameter[current_key_].insert(
         policy_table::EnumToJsonString(*it_parameters));
   }
+
+  // We should reset ALL DISALLOWED flags if at least one parameter is allowed
+  // due to a logical OR permissions check
+  if (IsSomeParametersAllowed(out_parameter)) {
+    out_parameter.any_parameter_disallowed_by_policy = false;
+    out_parameter.any_parameter_disallowed_by_user = false;
+  }
 }
 
 void FillNotificationData::ExcludeSame(RpcPermissions& rpc) {
@@ -769,16 +786,23 @@ bool FillNotificationData::RpcParametersEmpty(RpcPermissions& rpc) {
          no_user_disallowed_parameters;
 }
 
-bool FillNotificationData::IsSectionEmpty(ParameterPermissions& permissions,
-                                          const std::string& section) {
+bool FillNotificationData::IsSectionEmpty(
+    const ParameterPermissions& permissions, const std::string& section) const {
   ParameterPermissions::const_iterator it_section = permissions.find(section);
   ParameterPermissions::const_iterator end = permissions.end();
   if (end != it_section) {
-    return permissions[section].empty();
+    return it_section->second.empty();
   }
   return true;
 }
 
+bool FillNotificationData::IsSomeParametersAllowed(
+    const ParameterPermissions& permissions) const {
+  return permissions.any_parameter_allowed ||
+         (kAllowedKey == current_key_ &&
+          !IsSectionEmpty(permissions, kAllowedKey));
+}
+
 ProcessFunctionalGroup::ProcessFunctionalGroup(
     const policy_table::FunctionalGroupings& fg,
     const std::vector<FunctionalGroupPermission>& group_permissions,